Certbot fails to authenticate my domain

My domain is: nujabes.xyz

I ran this command: sudo certbot --apache

It produced this output:

Requesting a certificate for nujabes.xyz

Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
  Domain: nujabes.xyz
  Type:   connection
  Detail: Fetching http://nujabes.xyz/.well-known/acme-challenge/beE3OT9e2Tfw8dm_ahHhJ0l3ZdXaOyR5JNAOsYtLqV8: Timeout during connect (likely firewall problem)

Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.

My web server is (include version): Apache/2.4.38 (Debian)

The operating system my web server runs on is (include version):

  • Operating System: GNU/Linux

  • Kernal Release: 5.10.17-v8+

  • Kernal Version: #1421 SMP PREEMPT Thu May 27 14:01:37 BST 2021

  • Machine: aarch64

  • My http website is running on Apache on Debian 10 (buster) on a Raspberry Pi 4 (8gb) (Raspberry Pi OS [64bit])

My hosting provider, if applicable, is: namecheap

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Yes Don't know how to find the specific version, but it's just https://ap.www.namecheap.com/domains/domaincontrolpanel

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.16.0

---- More Context ----

I have made a single configuration when accessing the ControlPanel that I have with namecheap. I have nothing listed under the REDIRECT DOMAIN tab, but I do have an A Record set with host as @, value as 68.xx.xxx.xxx, and TTL as Automatic

I have also attempted to follow an article, Setup Apache2 HTTP / HTTPS and Domain Redirects on Ubuntu 16.04 LTS Servers • Website for Students, which led me to using the following commands:

sudo apachectl configtest
sudo a2enmod ssl
sudo a2ensite default-ssl

I'm really not sure what any of those did, but I did notice that I am now able to connect to the https version of my website, but since the certificate is self-signed it gives me a warning stating that my connection is insecure and that I have a yellow flag next to the certificate indicator.

I have only made changes to a single file from within /etc/apache2. The contents of the file that I changed /etc/apache2/sites-available/000-default.conf:

<VirtualHost *:80>
        ServerName nujabes.xyz

        ServerAdmin xxx@gmail.com
        DocumentRoot /var/www/html

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

---- Question(s) ----

Why does it state "Ensure that the listed domains point to this Apache server and that it is accessible from the internet" because I am able to access them from any device outside of the same internet that I am using to host this.

What does it mean by "point to this Apache server"?

Do I need to do any editing to any of the .conf files with in /etc/apache2 directory for certbot to authenticate and provide my http a certificate?

Yes, it seems that it should work.

Could you try again?

When I just tried to get a certificate for your domain just now, I didn't get a timeout error.

It may have just been a temporary network interruption.

1 Like

Thank you so much for your quick reply! I'm currently rate limited for another 30 minutes or so because I've tried so many times. Should I be trying to certify my website from a machine other than the one that is being used to host it? Does that matter at all? Also, when I mentioned that the https is able to be viewed and connected to, it brings the user to a Accept and continue the Risk which means that it isn't certified by certbot yet.

1 Like

ok well it just suddenly worked for no reason at all hehe

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.